Week 10 in Review – 2012

Let me say, right off the top, that I love CanSecWest. I am tired of “vendor” conferences, where you pay outrageous fees for the privilege of sitting through a bunch of sales pitches. At least CanSecWest has real information, as opposed to virtual information.

B-Sides SF and RSAC 2012 Summary – rants.effu.se
One of the consistent themes I heard from attendees of B-Sides SF and RSAC this year was “this was the best year yet!” That is a huge turn-around from the cynicism that was so prevalent last year.

M-Trends: The One Threat Report You Need to Read – blog.mandiant.com
Today is a big day. If you’ve followed us for a while you know that once a year we step back and take stock of what we’ve seen on the front lines battling targeted attacks. What is the advanced persistent threat (APT) up to?

Tools

TaskManager.xls V0.1.2 Update – blog.didierstevens.com
This is a new version of TaskManager.xls with memory usage statistics, with code given to me by sciomathman.

Introducing Adobe SWF Investigator – adobe.com
Today I am launching a beta of a tool on Adobe Labs called, Adobe SWF Investigator. This Adobe AIR-based application is a suite of tools that may be useful to SWF developers, quality engineers, and security researchers.

Ettercap v0.7.4.1 Lazarus Released – ettercap.sourceforge.net
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

Wireshark and Pcap-ng – blog.wireshark.org
When Wireshark 1.8.0 is released in the next few months it will introduce two major features: the ability to capture from multiple interfaces at once and the ability to annotate packets.

Testing the Security of Virtual Data Centers – community.rapid7.com
If you are doing security assessments, you are probably running into virtual servers every day. According to analyst firm Gartner, 80% of companies now have a virtualization project or program. With the recent 4.2 release of Metasploit, your next penetration test should be much more fun.

What’s your company doing to prepare for IPv6? Probably not an awful lot. While 10% of the world’s top websites now offer IPv6 services, most companies haven’t formulated an IPv6 strategy for the network.

Foot printing – Finding your target… – sensepost.com
Network foot printing is, perhaps, the first active step in the reconnaissance phase of an external network security engagement. This phase is often highly automated with little human interaction as the techniques appear, at first glance, to be easily applied in a general fashion across a broad range of targets.

Google recently offered up prizes totaling $1 million for those capable of exploiting its browser Chrome. Now, at Google’s own competition called Pwnium, a student has walked away with one of the top prizes, earning $60,000 by hacking a PC running Chrome.

Finding zero-day exploits to win a hacking contest can be really hard work these days. So sometimes the better strategy is just to game the game.

The Ruby/GitHub hack: translated – erratasec.blogspot.com
The underlying issue is an “Insecure Direct Object Reference”, #4 on the OWASP Top 10 list of most important web-application vulnerabilities. It means that a hacker can change what’s in the website database without having permission.

The U.S. government says it has the right to seize any .com, .net and .org domain name because the companies that have the contracts to administer them are based on United States soil, according to Nicole Navas, an Immigration and Customs Enforcement spokeswoman.

Hector Xavier Monsegur may have portrayed the exploits of Anonymous and LulzSec as a glamorous fight against “the man”, but the dark criminal realities of their exploits were exposed in his indictment. It appears he wasn’t just in it for the lulz.

Recently we noticed spammers abusing Dropbox, a popular cloud-based, file-hosting and synchronization tool, to spread spam. Dropbox accounts have a public folder where files can be placed and made publicly available. This function is useful to spammers, as it effectively turns Dropbox into a free hosting site.
